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Amendments to the Claims: 

This listing of claims will replace all prior versions, and listings of claims in the application: 
Listing of Claims: 

1. (Currently Amended) A method comprising: 

identifying, by a network device, a first port of the network device as a 
management port, the first port having a gateway address; 

identifying, by the network device, a second port of the network device as a non- 
management port; and 

filtering, by the network device, management data packets received on the second 
pert a data packet received on the second port if a destination IP address of the data packet 
corresponds to the gateway address of the first port and if the data packet utilizes a management 
protocol . 

2. (Canceled) 

3. (Currently Amended) The method of claim [[2]] i, wherein the filtering 
comprises further includes: 

if the destination IP address for the data packet received on the second port 
corresponds to the gateway address of the first port, determining if the data packet utilizes a 
management protocol; and 

if the data packet utilizes a management protocol, dropping the data packet. 

4. (Currently Amended) The method of claim 1, further comprising[[:]] 
passing the data packet received on the second port if the data packet originated from a virtual 
local area network that includes the first port. 

defining a virtual local area network including the first port and a first subnet; and 
allowing access to management functions of the network device only to those 
hosts connected to the first subnet. 
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5. (Currently Amended) The method of claim 4, further comprising: wherein 
connecting another network device is connected to the second portff;]]^ wherein defining a port 
of the another network device [[as]] is defined to be part of the virtual local area network; 
wherein the port of the another network device and is assigned a source IP address that 
corresponds corresponding to the gateway address of the first port, and wherein management 
data packets for managing the another network device are sent to the source IP address. 

6. (Currently Amended) The method of claim 5, wherein the management 
data packets have higher priority than other data packets routed through the network device. 

7. (Currently Amended) The method of claim 1 , further including: providing 
wherein the network device includes an application specific integrated circuit operable to Site? 
manag e m e nt data packets received on the second port perform the filtering . 

8. (Currently Amended) The method of claim [[1]] 7 furth e r including: 
providing an the application specific integrated circuit operable - is configured to[[:]] determine if 
[[a]] the destination IP address for [[a]] the data packet received on the second port corresponds 
to the gateway address of the first port[[;]]. 

determine if the data packet utilizes a management protocol; and 
drop the data packet if it is determined that the data packet has a 

destination IP address that corresponds to the gateway address of the first port, and that the data 

packet utilizes a management protocol. 

9. (Currently Amended) A network device comprising: 
a first port defined as a management port; 

a second port defined as a non-management port; 

a processing component operable to provide management functions that allow a 
user to modify operation of the network device; and 

an application specific integrated circuit operable to deny access to the 
management functions for hosts that transmit management data packets to the network device 
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through tho second port filter a data packet received on the second port if a destination IP address 
of the data packet corresponds to a gateway address of the first port and if the data packet utilizes 
a management protocol . 

10. (Currently Amended) The network device of claim 9 wherein the filtering 
comprises application specific integrated circuit is further operable to: 

determine if a data packet received on tho second port includes a 
destination IP address that corresponds to a gateway IP address of the first port; 

if the destination IP address corresponds to the gateway IP address, 
determine if the data packet utilizes a management protocol; and 

if the data packet utilizes a management protocol, drop dropping the data 

packet. 

1 1 . (Currently Amended) The network device of claim [[10]] 9, wherein the 
first port is defin e d to be part of a management virtual local area network, and wherein only 
devices that are coupled to tho management virtual local area network have access to tho 
management functions of the processing component application specific integrated circuit is 
further operable to pass the data packet received on the second port if the data packet originated 
from a virtual local area network that includes the first port . 

12. (Currently Amended) A network device comprising: 
a plurality of ports including a management port; and 

a control component configured to: 

determine if a destination IP address included in a received data packet 
corresponds to a gateway IP address of the management port; 

if the destination IP address d oos not correspond corresponds to the 
gateway IP address of the management port, determine if the data packet originated from a 
management virtual local area network (VLAN), wherein the management VLAN includes the 
management port; 
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if the destination IP address data packet did not originate from the 
management VLAN, determine if the data packet uses a management protocol; and 

if the data packet uses a management protocol, drop the packet. 

13. (Currently Amended) The network device of claim 12 wherein if the 
destination IP address does not correspond to the gateway IP address of the management port, 
the control component is configured to pass the data packet. 

14. (Currently Amended) The network device of claim 12 wherein if the 
destination IP address data packet did originate from the management VLAN, the control 
component is configured to pass the data packet. 

15. (Previously Presented) The network device of claim 12 wherein if the 
data packet does not use a management protocol, the control component is configured to pass the 
data packet. 

16. (Previously Presented) The network device of claim 12 wherein the 
network device is a router. 

17. (New) The method of claim 1 wherein filtering the data packet received 
on the second port comprises storing the data packet in a memory area separate from other types 
of received data packets. 

18. (New) The network device of claim 9 wherein filtering the data packet 
received on the second port comprises storing the data packet in a memory area separate from 
other types of received data packets. 
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